Fatal error: adminfunctions.php (HACKED!) [Archive]

View Full Version : Fatal error: adminfunctions.php (HACKED!)

cuphongle

02-13-2008, 08:18 PM

Fatal error: Invalid forum parenting setup. Contact vBulletin support. in /includes/adminfunctions.php on line 3164

I'm getting that error whenever I'm trying to delete, edit, move (moderation actions on threads / posts), and also when trying to edit permissions, titles, descriptions of forums/sections.

Line 3164 is basically the code to recalculates forum parent and child lists.

// ################################################## ###########################
/**
* Recalculates forum parent and child lists, then saves them back to the forum table
*/
function build_forum_genealogy()
{
global $vbulletin;

if (empty($vbulletin->forumcache))
{
return;
}

// build parent/child lists
foreach ($vbulletin->forumcache AS $forumid => $forum)
{
// parent list
$i = 0;
$curid = $forumid;

$vbulletin->forumcache["$forumid"]['parentlist'] = '';

while ($curid != -1 AND $i++ < 1000)
{
if ($curid)
{
$vbulletin->forumcache["$forumid"]['parentlist'] .= $curid . ',';
$curid = $vbulletin->forumcache["$curid"]['parentid'];
}
else
{
global $vbphrase;
if (!isset($vbphrase['invalid_forum_parenting']))
{
$vbphrase['invalid_forum_parenting'] = 'Invalid forum parenting setup. Contact vBulletin support.';
}
trigger_error($vbphrase['invalid_forum_parenting'], E_USER_ERROR);
}
}

$vbulletin->forumcache["$forumid"]['parentlist'] .= '-1';

// child list
$vbulletin->forumcache["$forumid"]['childlist'] = $forumid;
fetch_forum_child_list($forumid, $forumid);
$vbulletin->forumcache["$forumid"]['childlist'] .= ',-1';
}

$parentsql = '';
$childsql = '';
foreach ($vbulletin->forumcache AS $forumid => $forum)
{
$parentsql .= " WHEN $forumid THEN '$forum[parentlist]'
";
$childsql .= " WHEN $forumid THEN '$forum[childlist]'
";
}

$vbulletin->db->query_write("
UPDATE " . TABLE_PREFIX . "forum SET
parentlist = CASE forumid
$parentsql
ELSE parentlist
END,
childlist = CASE forumid
$childsql
ELSE childlist
END
");
}

Number of Categories: 8
Number of sections: 133 (Including sub-sections)
vBulletin: v3.6.8

Anyone knows how to fix this?

--------------- Added 1202942610 at 1202942610 ---------------

I figured out the problem, somehow my forum was hacked, when I edited forums in "Forum Manager", Title, description.. everything showed as:

r3dsoldier her ++++ you alll usa + isreal and ....... contact irlande@live.ie

How is that possible though? v3.6.8 is not stable? and why its only showing in forum manager?

Full Message (From /Archive/):

r3dsoldier her ( muslim h4ck3r) all your data ++++ing admin is with me if you want help contact me

snakes1100

02-13-2008, 09:25 PM

This is something you need to check in the server logs, there are no known security issues in vbulletin.

cuphongle

02-17-2008, 02:56 AM

Ok any news on how to fix this? and how to prevent it from happening again? I have a big board, and I can't just start over again.

As you can see in the attachment I posted, a lot of my sections has the same title and description, but it only appears in the forum manager, not the forum index it self, in the forum index it shows as normal (with the real title and description).

Also in Categories the same thing.

I am frustrated about this, and I need to find a fix for it ASAP.

Hacks installed:
- Add Header/Footer per forum 1.0
- AJAX REG 3.1.1
- AnyMedia BBCode 3.0.8.1
- Display reputation comments in user post 2.31
- nCode Image Resizer 1.0.1
- New posts and reputation comments 3.23
- Post Once Per Thread 1.01
- Separate Sticky and Normal Threads 1.0.5
- vbBux / vbPlaza 1.5.8
- vbBux / vbPlaza - ibProArcade Addon 1.0.0
- vBookie 1.0.7
- vBShout 2.0
- vS-Hide Hack Resurrection (Expanded Edition) 2.8.1

Dismounted

02-17-2008, 03:30 AM

Any modification could have caused it.

Boofo

02-17-2008, 04:07 AM

Yes, I was going to say the same thing. Have you downloaded any mods from anywhere other than here?

cuphongle

02-17-2008, 05:18 AM

No, all the modifications are from here, also in my previous post, all the modifications I have installed are listed.

Boofo

02-17-2008, 05:38 AM

Could you have a rogue admin?

cuphongle

02-17-2008, 07:10 AM

Not possible.. only close friends, and no permissions given (basically just a name color), and even so, how would an admin do that?

The forum index is ok... that issue is in forum manager.. and because of it, I can't edit, move, change.. any of the sections.

My guess is, it was an SQL Injection (because the database it self was effected).

Anyone knows how to fix this?

Marco van Herwaarden

02-17-2008, 08:19 AM

Did you ever do what the original message asked you to: Contact vBulletin Support?

cuphongle

02-17-2008, 08:55 AM

Ummm isn't that what I'm doing now?

Marco van Herwaarden

02-17-2008, 08:59 AM

No, you contact Support by opening a Support Ticket. ;)

You can do so from the Members' Area or by sending an email to support@vbulletin.com.